GlobalSign certificate revocation error leaves websites inaccessible

Users around the world have had trouble accessing some HTTPS websites due to an error at GlobalSign, one of the world’s largest certificate authorities.

As part of a planned exercise, GlobalSign revoked one of its cross-certificates that allowed end-user certificates to chain to alternate root certificates. GlobalSign operates multiple roots, which are trusted in browsers and operating systems by default, and links them together through these cross-certificates.

The revocation of such a certificate was interpreted by some browsers and systems also as a revocation of the intermediate certificates that chained back to it. This was not really the case or the company’s intention.

To read this article in full or to leave a comment, please click here